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(Once AiftsQded) The method of claim 1 further comprising the steps of: 

determimhg^whether a digital signature key pair update request has been 
received from a client unit; 

receiving a new digitaHjgnature key pair from the client unit in response 
to the digital signature key pair update reqbe^t; and 

wherein the step of associating th^^red selected expiry data includes 
creating a new digital signature certificate containing utes^elected public key expiry data 
selected for the client [generating] that generated the digital signature key pair update 
request. 






manager unit, selectable expiry data 

key expiry data that is selectable 



9. (Once Amended) A method for providing 
key system comprising the steps of: 

providing^ through a multi- client : 
including public key expiry data and selectable pjrivate ] 
on a per client basis; 

digitally storing selected public k^y expiry data for association with a new 
encryption key pair; and 

associating the stored selected exptiry < 
pair to [facilitate] affect a transition from an old < 
key pair. 



updated encryption key pairs in a public 



iry data with the new encryption key 
encryption key pair to a new encryption 



10. "^QQce Amended) The method of claim 9 wherein the step of providing selectable 
expiry data includes additionally providing updated digital signature key pairs, the step of 
storing includes storin^new digital signature key pair, and the step of associating also 
includes associating [the] storfed^lected expiry data selected for the new digital 
signature key pair to [facilitate] affecbo^ransition from an old digital signature key pair 
to a new digital signature key pair. 



1 1 . (Once Amended) The method of claim 10 wherein ^ftte^electable expiry data is 
digital signature certificate lifetime data for variably setting a lifetihK^end date for a 
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digital si^H^ture certificate [associated with a given client] and [is] also includes 
encryption certilfcat^lifetime data for variably setting a lifetime end date for an 
encryption certificate associated with the given client. 



12. (Once Amended) The method of clainKJ further including the step of providing 
variable update privilege control on a per client basis > fos lhe multi-client manager unit to 

'anchhe^gi 



facilitate denial of updating the digital signature key pair ; 



encryption key pair. 




14. (Once Amended) A system for providing undated digital signature key pairs in a 
public key system comprising: 

multi-client manager means for providing selectable expiry data including 
at least public key expiry data and selectable privjate key expiry data that is selectable on 
a per client basis; 

means, accessible by the multi-cljent manager means, for digitally storing 
both selected public key expiry data and selected private key expiry data for association 
with a new digital signature key pair; and 

means, responsive to the stored delected public key expiry data, for 
associating the stored selected expiry data withjthe new digital signature key pair to 
[facilitate] affect a transition from an old digitafl signature key pair to a new digital 
signature key pair. 




15. "(Gqce Amended) The system of claim 14 wherein the selectable expiry data is 
digital signature*fc€^tificate lifetime data for variably setting a lifetime end date for a 
digital signature certific^te^associated with a given client]. 

16. (Once Amended) The system of <?laim 14 further including means for providing 
variable update privilege control on a per clieniba^is to the multi-client manager means 
to facilitate denial of updating the digital signature key^>^r on a per client basis. 



17. (Once Amended) The system of claim 16 wherein the multi-clkjit manager means 
includes the means for associating the stored selected expiry data with the nfew digital 
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signature key pai^and [wherein] includes the means for providing variable update 
privilege control. 



(X, 



of 



lST^^Once Amended) The system of claim 14 further comprising: 

leans for determining whether a digital signature key pair update request 
has been received fronl^a^lient unit; ^ 

means for receiving^! new digital signature key pair from the client unit in 
response to the digital signature key pairtrpdate request; and 

wherein the means for associating the stored selected expiry data creates a 
new digital signature certificate containing the selectecTpliblic key expiry data selected 
for the client [generating] thaLgeneiated the digital signaturekey^pah: update request. 




2 1 . (Once Amended) A storage medium 
a stored program for executic 



comprising: 

n by a processor wherein the program 



facilitates providing updated digital signatu: e key pairs in a public key system by: 

allowing entry of sel< stable expiry data including at least public 
key expiry data and selectable private key qxpiry data that is selectable on a per client 
basis; 

digitally storing botl 



selected public key expiry data and selected 
private key expiry data for association witH a new digital signature key pair; and 

associating the store- 1 selected expiry data with the new digital 
signature key pair to [facilitate] affect a transition from an old digital signature key pair 
to a new digital signature key pair. 

22. TOnce Amended) The storage medium of claim 21 wherein the stored program 
allows selection oF^dieital signature certificate lifetime data for variably setting a lifetime 
end date for a digital signattH^certificate [associated with a given client]. 



23. (Once Amended) The storage medium^fcl^im 21 wherein the stored program 
further includes [the facilitating] affecting variable update^)riA(ilege control on a per 
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